<?php
@session_start ();
if (! isset ( $_SESSION ['username'] )) {
	header ( "location:log_in.php" );
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<link rel="stylesheet" href="../u_css/chang_password.css"
	type="text/css" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>更改密码</title>
</head>
<body>
<?php
require '../mysql_connection/for_u_lijinsheng.php';
include '../include_htmls/header.php';
?>
<div id="body">
<?php

$first = true;
$success = true;
if (isset ( $_GET ['original_password'] )) {
	$first = false;
	$last_username = $_GET ['username'];
	$original_password = $_GET ['original_password'];
	$new_password = $_GET ['new_password'];
	$confirm_password = $_GET ['confirm_password'];
	$success = ($new_password == $confirm_password) && verify_password ( $last_username, $original_password );
	$success = $success && change_password ( $last_username, $new_password );
	unset ( $_GET ['username'] );
	unset ( $_GET ['original_password'] );
	unset ( $_GET ['new_password'] );
	unset ( $_GET ['confirm_password'] );
}
if (isset ( $_SESSION ['username'] )) {
	$username = $_SESSION ['username'];
	?>
<div id="left-navigation">
<ul>
	<li><a class="unclick" href="base_Info.php">基本信息</a></li>
	<li class="current">修改密码</li>
	<li><a class="unclick" href="credit_Info.php">账户信息</a></li>
</ul>
</div>

<div id="content">
<h1>更改密码</h1>
<form action="chang_password.php" method="get">
<div>
<?php
	if (! $first) {
		if ($success) {
			?>
		<p class="notify">更改密码成功</p>
		<?php
		} else {
			?>
			<p class="notify">更改密码失败</p>
		<?php
		}
		?>
<?php
	}
	?>
<input type="hidden" name="username" value="<?=$username?>"> <label>原密码：<input
	type="password" name="original_password" /></label> <br />
<label>新密码：<input type="password" name="new_password" /></label> <br />
<label>密码确认：<input type="password" name="confirm_password" /></label> <br />
<input type="submit" value="更改密码" /></div>
</form>
</div>
<?php
}
?>
</div>
<?php
include '../include_htmls/footer.html';
?>
</body>
</html>
